Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition

Have a Promotion Code?

Please enter it here:

Great deals and more!

Sign up for special offers, exclusive discounts, and new product announcements from McGraw-Hill Professional.



February 5, 2011


Electronic book text, 720 pages


0071742565 / 9780071742566

Adobe Digital Editions® is required to view your downloaded eBooks.
Click here to get Adobe Digital Editions
To learn more about eBooks please see our eBook FAQ.

If you're having problems installing due to firewall issues please go here:


Your Price



Main description


Thwart malicious network intrusion by using cutting-edge techniques for finding and fixing security flaws. Fully updated and expanded with nine new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Third Edition details the most recent vulnerabilities and remedies along with legal disclosure methods. Learn from the experts how hackers target systems, defeat production schemes, write malicious code, and exploit flaws in Windows and Linux systems. Malware analysis, penetration testing, SCADA, VoIP, and Web security are also covered in this comprehensive resource.

  • Develop and launch exploits using BackTrack and Metasploit
  • Employ physical, social engineering, and insider attack techniques
  • Build Perl, Python, and Ruby scripts that initiate stack buffer overflows
  • Understand and prevent malicious content in Adobe, Office, and multimedia files
  • Detect and block client-side, Web server, VoIP, and SCADA attacks
  • Reverse engineer, fuzz, and decompile Windows and Linux software
  • Develop SQL injection, cross-site scripting, and forgery exploits
  • Trap malware and rootkits using honeypots and SandBoxes

Table of contents

Part I: Introduction to Ethical Disclosure
1 Ethics of Ethical Hacking
2 Ethical Hacking and the Legal System
3 Proper and Ethical Disclosure
Part II: Penetration Testing and Tools
4 Social Engineering Attacks
5 Physical Attacks
6 Insider Attacks
7 Using BackTrack LiveCD Linux Distribution
8 Using Metasploit
9 Dradis and Managing a Pen Test
Part III: Exploiting
10 Progamming SProgrammingills
11 Basic Linux Exploits
12 Advanced Linux Exploits
13 Shellcode Strategies
14 Writing Linux Shell Code
15 Basic Windows Exploits
16 Client Content Based Attacks
17 Web Server Attacks
18 VoIP Attacks
19 SCADA Attacks
Part IV: Vulnerability Analysis
20 Passive Analysis
21 Advanced Static Analysis with IDA Pro
22 Advanced Reverse Engineering
23 Client-Side Browser Exploits
24 Exploiting Windows Access Control Model
25 Intelligent Fuzzing with Sulley
26 From Vulnerability to Exploit
27 Closing the Holes: Mitigation Techniques
Part V: Malware Analysis
28 Collecting Malware and Initial Analysis
29 Hacking Malware

Author comments

Shon Harris, CISSP, MCSE, is the president of Logical Security, a security consultant, a former engineer in the Air Force's Information Warfare unit, an instructor, and a bestselling author. She was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Allen Harper, CISSP, a retired Marine Corps Major, is the president and founder of N2NetSecurity, Inc., and a faculty member for the Institute for Applied Network Security, He has worked as a security consultant for the Internal Revenue Service and for Logical Security, LLC.

Jonathan Ness is a software security engineer at Microsoft. He is a member of an Air National Guard unit where he leads network penetration tests against military facilities across the country and helps define the information warfare aggressor mission for the Air Force.

Terron Williams, NSA IAM-IEM, CEH, CSSLP, works for Elster Electricity as a Senior Test Engineer with his primary focus on Smart Grid Security. He has served on the editorial board for Hakin9 Magazine.

Gideon J. Lenkey, CISSP co-founded Ra Security Systems, a network security monitoring and consultancy. He has provided advanced training to the FBI and is the sitting president of the FBI's InfraGard chapter in New Jersey.

Copyright 2014 McGraw-Hill Global Education Holdings, LLC


Before you can enjoy free downloads from McGraw-Hill Professional, we ask that you please provide your email address and country.

Yes, I want to receive other special offer.